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1 DETAILED ACTION 

2 

3 This action is in response to the communication filed on 6/27/06. 

4 All objections and rejections not set forth below have been withdrawn. 

5 Claims 1 - 13 are pending. 
6 

7 

8 Specification 

9 

10 The specification is objected to as failing to provide proper antecedent basis for 



1 1 the claimed subject matter. See 37 CFR 1 .75(d)(1) and MPEP § 608.01 (o). Correction 

12 of the following is required: Claims 1, 4, 5, 10, and 1 1 each have the added limitation 

1 3 " while the respective connection between the mobile devices to the application program 

1 4 are established and for communications within the respective session" [or similar]. The 

1 5 specification fails to provide proper antecedent basis for this limitation. 
16 

17 



1 8 Claim Rejections - 35 USC § 112 



19 

20 The following is a quotation of the first paragraph of 35 U.S.C. 112: 

21 The specification shall contain a written description of the invention, and of the manner and process of 

22 making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 

23 art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 

24 set forth the best mode contemplated by the inventor of carrying out his invention. 
25 
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1 Claims 1 - 13 are rejected under 35 U.S.C. 112, first paragraph, as failing to 

2 comply with the written description requirement. The claim(s) contains subject matter 

3 which was not described in the specification in such a way as to reasonably convey to 

4 one skilled in the relevant art that the inventor(s), at the time the application was filed, 

5 had possession of the claimed invention. See above rejection to the specification. 
6 

7 



8 Claim Rejections - 35 USC § 102 

9 

10 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 

1 1 form the basis for the rejections under this section made in this Office action: 

12 A person shall be entitled to a patent unless - 

1 3 (e) the invention was described in (1) an application for patent, published under section 122(b), by 

1 4 another filed in the United States before the invention by the applicant for patent or (2) a patent 

1 5 granted on an application for patent by another filed in the United States before the invention by the 

1 6 applicant for patent, except that an international application filed under the treaty defined in section 

1 7 351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 

1 8 only if the international application designated the United States and was published under Article 21 (2) 

19 of such treaty in the English language. 
20 

21 

22 Claims 1 - 3, 4, 11 - 13 are rejected under 35 U.S.C. 102(e) as being 

23 anticipated by Aziz et al. (Aziz), U.S. Patent, 6,643,701. 

24 

25 Regarding claim 1 , Aziz discloses: 

26 generating at the gateway module respective first session identifiers upon receipt 

27 of initial requests from the mobile communication devices at the gateway module and 

28 transmitting the first session identifiers to the application program (8:1 5-22). Herein, 
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1 Aziz discloses the use of SSL to establish sessions. As is evidenced by Kocher 

2 (Kocher et al., "The SSL Protocol Version 3.0"), Aziz discloses the sending of first 

3 session identifiers to the application program (Aziz, fig. 3:330; Kocher, pg. 21 - "hello 

4 message"). 

5 associating the first session identifiers with corresponding second session 

6 identifiers from the application program at the gateway module (8:1 5-33). Again, Aziz 

7 shows the use of the SSL protocol at a gateway, which entails the sending from the 

8 application program (fig. 3:340) to a gateway (fig. 3:320) "second session identifiers" for 

9 a respective session corresponding to the first session identifiers (Aziz, fig. 3:330; 8:25- 

10 33; Kocher, pg. 23 - "hello message", pg. 19). As can be seen by the SSL protocol, 

1 1 these second session identifiers, used to continue a secure communication session 

12 between the gateway and application program, are sent from the application program. 

1 3 wherein respective connections are established between the mobile 

14 communications devices and the application program (Aziz, fig. 3:[300.1 - 300.M], fig. 

15 3:340). 

1 6 and in response to subsequent communications from the mobile devices to the 

17 application program (Aziz, 7:58-64; 8:25-32), 

1 8 while the respective connections between the mobile devices to the application 

19 program are established (Aziz, fig. 3:[310.1 - 310.M], fig. 3:340) and for 

20 communications within the respective sessions (Aziz has disclosed that these separate 

21 sessions between the devices and application program are for communication, 6:29- 

22 44), 
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1 transmitting from the gateway module to the application program the second 

2 session identifiers that are associated with the first session identifiers of the mobile 

3 devices of the subsequent communications (8:25-32). Herein, Aziz discloses that 

4 subsequent communications from a device result in a SSL session, comprising the 

5 sending of session identifiers that correspond to the identifiers of the session initiated by 

6 the mobile device. 
7 



8 Regarding claim 2, Aziz discloses: 

9 receiving requests of a first type from the mobile devices at the gateway module 

1 0 and transferring the first type requests to an authentication module that manages user 

1 1 authentication (8:66 - 9:5); 

1 2 and when a user at a mobile device has not logged-in to the authentication 



1 3 module, transmitting a log-in prompt from the authentication module to the mobile 

1 4 device in response to a request of the first type from the mobile device (9:3-5,23-29). 

15 Herein, Aziz discloses that when the server requires client authentication, the server 

16 requests (the client is prompted) that the client transmit log in information. 
17 

18 Regarding claim 3, Aziz discloses: 

19 generating at the authentication module respective authentication identifiers for 

20 the first session identifiers and associating the authentication identifiers with 

21 corresponding first session identifiers (2:1 1-15, 31-36; 8:66 - 9:5,23-29). Herein, Aziz 
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1 discloses that resulting at the authentication module ("generating"), are authentication 

2 identifiers associated with the identifiers of the session. 
3 

4 Regarding claim 4, it is the apparatus implementing the method of claim 1 , and it 

5 is rejected, at least, the same reasons. 
6 

7 Regarding claims 11 - 13, they are system implementing the method of claims 1 

8 - 3, and they are rejected, at least, for the same reasons. Furthermore, Aziz discloses 

9 a "mobile interface", an interface to connect with a plurality of mobile devices (fig. 3). 
10 

1 1 Claim Rejections - 35 USC § 103 

12 

1 3 The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 

14 obviousness rejections set forth in this Office action: 

15 (a) A patent may not be obtained though the invention is not identically disclosed or described as set 

1 6 forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 

1 7 the prior art are such that the subject matter as a whole would have been obvious at the time the 

1 8 invention was made to a person having ordinary skill in the art to which said subject matter pertains. 

1 9 Patentability shall not be negatived by the manner in which the invention was made. 

20 
21 
22 

23 Claims 5 and 10 are rejected under 35 U.S.C. 103(a) as being unpatentable 

24 over Aziz in view of Davis et al. (Davis), U.S. Patent 6,367,009. 

25 

26 Regarding claim 5, it is a method substantially similar to the method of claim 1 , 

27 and it is rejected, at least, for the same reasons. Furthermore, Aziz discloses 
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1 applications of client - server technology within e-commerce and banking systems. 

2 Thus, Aziz makes clear that sessions between clients and a server are sessions 

3 between clients and a "merchant" application (1 :40-55). Additionally Aziz, discloses that 

4 client devices can be wireless devices such as cell phones (7:4-18). However, Aziz 

5 does not explicitly disclose that a wireless device would establish a session with the 

6 gateway using wireless means, and therefore, that session identifiers are associated 

7 with wireless sessions. 

8 Davis, in a substantially similar disclosure as Aziz, discloses that a wireless 

9 device (client) can utilize its wireless functionality to establish wireless sessions (fig. 3; 

10 7:30-39, 8:44-67). 

11 It would have been obvious to one of ordinary skill in the art to employ the 

12 teachings of Davis within the system of Aziz. This would have been obvious because 

13 one of ordinary skill in the art would have seen logical the use of a wireless device to 

14 establish a wireless session. Thus, the combination of Aziz and Davis discloses the use 

15 of a wireless device to establish a SSL session wirelessly, and therefore, that the 

16 session identifiers would be wireless session identifiers. 
17 

18 Regarding claim 10, it is the apparatus implementing the method of claim 5, and 

19 it is rejected, at least, the same reasons. 



20 



21 



Claims 6-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over 



22 



the combination of Aziz and Davis, in view of Sparks et al., "Design and 
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1 Production of Print Advertising and Commercial Display Materials Over the 

2 Internet", U.S. Patent 6,167,382. 

3 

4 Regarding claim 6, the combination of Aziz and Davis does not disclose receiving 

5 checkout requests from the wireless communication devices at the gateway module and 

6 transferring the checkout requests to a wallet module that manages user authentication. 

7 Instead, the combination of Aziz and Davis discloses a generic system for establishing 

8 communications between a client and a server via a gateway (Aziz, figs. 2 and 6). The 

9 client and server each establish a secure session connection with an intervening relay. 

10 The relay then enables communications between the client and the server. The 

1 1 combination of Aziz and Davis discloses that this system is used as an improvement to 

12 various publicly available systems such as electronic commerce and shopping systems 

13 where the authentication and encryption of information is necessary (Aziz, col. 1 , lines 

1 4 42-47; col. 3, lines 1 ,2). However, it was not the purpose of the combination of Aziz and 

15 Davis to discuss the methods and features specific to the e-commerce and shopping 

16 systems. Thus, the combination of Aziz and Davis does not disclose methods such as 

17 receiving checkout requests, transmitting payment options, or using wallet identifiers. 

1 8 Sparks discloses a system that features the electronic commerce methods of 

19 receiving checkout requests, transmitting payment options, and using wallet identifiers 

20 (Sparks, col. 2, lines 36-49; col. 17, lines 12-26). 

21 It would have been obvious to one of ordinary skill in the art to combine 

22 electronic commerce features, such as those disclosed by Sparks, with the generic 
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1 system of the combination of Aziz and Davis for establishing communications because it 

2 is obvious that a generic system designed to enhance electronic commerce (Aziz, col. 

3 1 , lines 42-47) would need to features to enable electronic commerce. 

4 Thus, the combination of Aziz, Davis, and Sparks discloses: 

5 receiving checkout requests from the wireless communication devices at the 

6 gateway module and transferring the checkout requests to a wallet module that 

7 manages user authentication (Sparks, col. 2, lines 36-49); 

8 when a user at a wireless communications device has logged-in to the wallet 

9 module, transmitting payment options from the wallet module to the wireless 

1 0 communications device in response to a checkout request from the wireless 

1 1 communications device (Sparks, figs. 3, 4, 9, 59, 60); 

1 2 when a user at a wireless communications device has not logged-in to the wallet 



1 3 module, transmitting a log-in prompt from the wallet module to the wireless 

1 4 communications device in response to a checkout request from the wireless 

1 5 communications device (Sparks, figs. 3, 4). 

17 Regarding claim 7, the combination of Aziz, Davis, and Sparks disclose: 

1 8 generating at the wallet module respective wallet session identifiers for the 

1 9 wireless session identifiers and associating the wallet session identifiers with 

20 corresponding wireless session identifiers in a wallet session identifier table (Sparks, 

21 figs. 21 -23). 
22 
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1 Regarding claim 8, the combination of Aziz, Davis, and Sparks disclose: 

2 in response to a payment request from a wireless communications device, 

3 transmitting the payment request from the gateway module to the merchant application 

4 (Sparks, col. 10, lines 37-64; Aziz, fig. 2); 

5 disassociating the wireless session identifier from the corresponding merchant 



6 session identifier {Aziz, col. 2, lines 57-67; col. 6, lines 45-55). Unless session 

7 resumption procedures have been initiated by the client or the server, the session 

8 identifiers of the client are not re-associated with the corresponding session identifiers 

9 of the server, therefore, they are disassociated. 



1 0 generating a new wireless session identifier for the wireless communications 

1 1 device when another initial request is received from the wireless communications device 

12 (Aziz, col. 6, lines 45-55). New sessions can be requested by the client. 
13 

14 Regarding claim 9, the combination of Aziz, Davis, and Sparks implies clearing 



1 5 inactive entries from the wallet session identifier table. Electronic systems are not 

16 limitless in means for storage and operation. If unnecessary information was never 

17 cleared from memory, eventually such systems would reach their limits of storage. 

1 8 Therefore, it would have been obvious to one of ordinary skill in the art to clear inactive 

1 9 entries from the table in order to free and efficiently use a limited amount of memory. 
20 

21 
22 
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1 Response to Arguments 

2 

3 Applicants arguments filed 6/27/06 have been fully considered but they are not 

4 persuasive. 
5 

6 Applicant argues primarily that Aziz does not teach the limitations of claims 1 - 4 

7 and 11-13 because: 
8 

9 (i) Aziz creates an end-to-end secure transmission link from a client to a relay and 

10 from the relay to a server (C 7, L 54-64) using a handshaking session. (Remarks, pg. 7). 
11 

12 In reality, the examiner respectfully points out that Aziz discloses the creation of 

13 secure transmission links - i.e. a secure link between client to relay (fig. 3:310) and a 

14 secure link between server and relay (fig. 3:330). 
15 

1 6 Freier clearly teaches that the server creates session identifiers (P1 8, P21 ). 

1 7 Thus, it would appear that Aziz 1 relay creates a session identifier for use between the 

1 8 relay and the client, and Aziz 1 server creates another session identifier for use between 

1 9 the server and the client There is no apparent suggestion by Aziz that a session 

20 identifier generated by Aziz' relay in response to a request from a client, is then 

21 transmitted to Aziz 1 server Nor is it reasonable to conclude from Freier f s teachings that 

22 Aziz' relay transmits a session identifier that it generated to a server (Remarks, pg. 7) 
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1 

2 In response, the examiner respectfully points out that it appears the applicant 

3 misinterprets the teachings of Aziz and Freier. Freier simply evidences the nature of the 

4 SSL protocol being used between communicating entities, using the relative terminology 

5 of "client" and "server". As is shown by Aziz and by the rejection of claim 1 , Aziz 

6 discloses the creation of an SSL link between the relay and the server, in response to 

7 communications received by the relay from the client. The employment of the SSL 

8 protocol between communicating entities ("relay" and "server") entails the relay 

9 generating a hello message containing session identifiers (Kocher, pg. 21 - "hello 
10 message") and sending the message and identifiers to the server. 

11 

12 (ii) The amendments to claims 1,4, and 1 1 further clarify that Freier does not teach 

1 3 the transmitted second session identifiers from the gateway module to the application 

14 program. (Remarks, pg. 8) 
15 

16 In response, the examiner respectfully reminds the applicant that Freier is 

1 7 evidenced simply to teach the nature of the SSL protocol (the creation and sending if 

1 8 SSL session identifiers between communicating entities), and not to show elements of a 

1 9 gateway module or application program. 
20 

21 The claim limitations clarify that the second session identifiers are transmitted 

22 while the respective connections between the mobile devices to the application program 
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1 are established and for communications within the respective sessions. Freier's 

2 transmission of session identifiers is apparently for resuming a previous session or 

3 duplicating an existing session (page 18). Thus, the claimed subsequent 

4 communications exclude both the resumption and duplication of a session, and neither 

5 Aziz nor Freier are shown to teach the claim limitations. (Remarks, pg. 8) 
6 

7 In response, the examiner makes note that the added limitations within the 

8 amended claims refer to respective connections and sessions between mobile devices 

9 and an application program. Aziz shows respective connections and sessions (fig. 

10 3:[310.1 -310.M]; fig. 3:330.1 -333.N) between devices (fig. 3:[300.1 -300.M]) and a 

1 1 application program (fig. 3:340). 

12 Furthermore the examiner points out, in response to applicant's argument that 

13 the references fail to show certain features of applicant's invention, it is noted that the 

14 features upon which applicant relies (i.e., subsequent communications exclude both the 

15 resumption and duplication of a session) are not recited in the rejected claim(s). 

16 Although the claims are interpreted in light of the specification, limitations from the 

17 specification are not read into the claims. See In re Van Geuns, 988 F.2d 1 181 , 26 

18 USPQ2d 1057 (Fed. Cir. 1993). 
19 

20 Applicant also argues that the prior art does not teach the limitations of claims 5 

21 - 10 because: 
22 
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1 (i) The alleged motivation for combining Davis with Aziz is not supported by 

2 evidence and improper. Therefore, the rejection of claims 5 and 10 should be withdrawn 

3 because a prima facie case of obviousness has not been established. (Remarks, pg. 8) 
4 

5 In response, the examiner notes that the applicant does not provide adequate 

6 support for the above argument, and the examiner finds the argument to be 

7 unpersuasive. 
8 

9 (ii) The Office Action cites Sparks' col. 2, 1. 36-49. However, there is no apparent 

1 0 element in this portion of Sparks that corresponds to the gateway module at which 

1 1 checkout requests are received. Nor is there any apparent element that corresponds to 

1 2 the claimed wallet module to which the checkout requests are sent. (Remarks, pg. 9) 
13 

14 In response to applicant's arguments against the references individually (i.e. 

1 5 there is no apparent element in this portion of Sparks that corresponds to the gateway 

16 module), one cannot show nonobviousness by attacking references individually where 

1 7 the rejections are based on combinations of references. See In re Keller, 642 F.2d 41 3, 

18 208 USPQ871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. 

19 Cir. 1986). 

20 Furthermore, the examiner points out that the combination of Aziz, Davis, and 

21 Sparks discloses a system that features the electronic commerce methods of receiving 

22 checkout requests by a server from a client, using wallet identifiers, and transmitting 
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1 payment options via a server ("wallet module") that serves the requests (Aziz, fig. 3; 

2 Sparks, fig. 3, 4, 9, 59, 60; col. 2, lines 36-49; col. 17, lines 12-26). 
3 

4 (iii) applicant asserts regarding claim 8: 

5 As explained above in regards to claim 6, Sparks is not shown to teach the 

6 claimed gateway module and operations thereof. (Remarks, pg. 9) 
7 

8 The examiner finds this argument to be unpersuasive in view of the reasons of 



9 record. 
10 
11 
12 

1 3 Conclusion 
14 

15 The prior art made of record and not relied upon is considered pertinent to 

16 applicant's disclosure. 
17 

1 8 See Notice of References Cited. 

19 

20 THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 

21 policy as set forth in 37 CFR 1 .1 36(a). 
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1 A shortened statutory period for reply to this final action is set to expire THREE 

2 MONTHS from the mailing date of this action. In the event a first reply is filed within 

3 TWO MONTHS of the mailing date of this final action and the advisory action is not 

4 mailed until after the end of the THREE-MONTH shortened statutory period, then the 

5 shortened statutory period will expire on the date the advisory action is mailed, and any 

6 extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 

7 the advisory action. In no event, however, will the statutory period for reply expire later 

8 than SIX MONTHS from the mailing date of this final action. 

9 Any inquiry concerning this communication or earlier communications from the 

1 0 examiner should be directed to Jeffery Williams whose telephone number is (571 ) 272- 

1 1 7965. The examiner can normally be reached on 8:30-5:00. 

12 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

13 supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 

14 number for the organization where this application or proceeding is assigned is 571- 

15 273-8300. 
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Information regarding the status of an application may be obtained from the 



2 Patent Application Information Retrieval (PAIR) system. Status information for 

3 published applications may be obtained from either Private PAIR or Public PAIR. 

4 Status information for unpublished applications is available through Private PAIR only. 

5 For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 

6 you have questions on access to the Private PAIR system, contact the Electronic 

7 Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 

8 USPTO Customer Service Representative or access to the automated information 

9 system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



10 



11 
12 
13 
14 
15 
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